Fix returning from TryAllocateLinearlyAligned without updating the
allocation stats if a preceding filler was required. Also makes
AllocateRaw take an int instead of size_t in line with other Spaces.
Bug: v8:8875, chromium:1097389
Change-Id: If0932caa94dce1cd45b41f44fa225a2007772ea1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264354
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68516}
Move more logic into the {TraceLine} class. In release builds, this
class will not do anything. Since there is no code after the switch in
{DecodeOp} any more after this CL, we can apply tail-call optimization
(via explicit returns in C++), which will save an additional call in
some cases.
R=thibaudm@chromium.org
Bug: v8:10576
Change-Id: Ie11ec550ab33d0c03a27375f34576e3a75dcf6ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2254021
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68515}
Every condition which can only fail on invalid wire bytes should be
wrapped in the VALIDATE macro. This way, it will automatically be
skipped if {validate} is false, and we will automatically add V8_LIKELY
annotations to the branches.
Also, consistently use the style
if (!VALIDATE(condition)) {
  ... handle error ...
}
... continue ...
Drive-by: Remove unnecessary OPCODE_ERROR macro.
Drive-by 2: Replace unreachable code (after a switch) by UNREACHABLE.
R=thibaudm@chromium.org
Bug: v8:10576
Change-Id: I9b592bd4abde80d86e72c63739d77b4814dc96de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2262917
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68514}
V8 fails a recently added spec test that when an imported global gets
re-exported, it should preserve its identity. This CL fixes the behavior
in V8.
Drive-by change: fix the object printer of globals: a global which
stores a reference type only has a tagged buffer, a global which stores
a value type only has an untagged buffer.
R=clemensb@chromium.org
Bug: v8:10556
Change-Id: I949d147fe4395610cfec6cf60082e1faecb23036
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235702
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68513}
Since the interpreter is not used in production any more, it does not
need to support lazy compilation. Since the code is still (accidentally)
triggered by indirect calls, we need to refactor that code. It only
allows calls within the same instance anyway.
R=ahaas@chromium.org
Bug: v8:10389
Change-Id: Ied1c8effd4c9fbb857a068db587de3463867ac80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2259942
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68512}
The more complicated subtyping checks due to the new wasm-gc types
caused a performance regression. This CL:
- Adds a V8_LIKELY annotation to the more common path
(type equality).
- Factors the rest of the check out of the inlinable part of subtype
checking to reduce binary size, and thus cache misses.
Bug: chromium:1096769, v8:7748
Change-Id: Idd92789b40cc175c268ef5a53f042d4b881992af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263156
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68511}
If we pass flags that make runs very slow, the validity checks might
also time out. Previously this wasn't checked and output was just
cut off.
This also tightens the timeout on validity checks as they are
expected to run very fast.
No-Try: true
Bug: chromium:1098646
Change-Id: Iea9a932be86e84040b72a2311aaa1d44100b3378
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2262915
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68510}
This allows the compiler to eliminate more unneeded branches. Since all
functions just do a lookup in a static table (either directly, or via
compiling a switch to such a lookup), they are also good candidates for
inlining, which is made possible by this change.
One DCHECK is removed instead of pulling in the inl header, which would
require more refactoring since the check is in a non-inl header.
R=thibaudm@chromium.org
TBR=jkummerow@chromium.org
Bug: v8:10576
Change-Id: If0fd25fd62c5f30b896fc67a5458a5ae475a6351
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2259944
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68508}
Test has flaky data race and will be fixed after branch to avoid
regressions.
Bug: v8:10637, v8:10315
Change-Id: Iddbbd91701aea622803146b84c9a9aa334bda927
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263155
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68506}
GCMole now comes with the long forgotten use-after-free detection
enabled by default. The CL also improves error logging when test
expectations mismatch with the actual output and updates the hash
of GCMole to be used with the newly built version with enabled UAF
detection.
The CL also contains an ignore for isolate.cc due to inability to
fix a warning there and fixes a couple of UAF warnings.
Bug: v8:9680
Change-Id: I7a009ffd5f67b1b5437567691ca4235ea873de70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2257236
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68505}
With this CL d8 exits with an error code if there is an unhandled
promise rejection, e.g. due to a failed assertion in a promise. Up
until now these assertions were just ignored.
Bug: v8:10556
Change-Id: I25f20e4be45a2de130562deb15f6a144f0ac976f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2238569
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68503}
The IsInBounds function is used in a few different places. When used for
bounds checks on 32-bit platforms, size_t for max_memory_size leads to
incorrect out-of-bounds accesses, as size_t is not guaranteed to be
64-bit on all platforms. Use specific uint32_t, uint64_t methods for
Wasm bounds checking instead of size_t.
Bug: chromium:1080902
Change-Id: I0e21f0a310382c8ed0703c8302200d3352495c13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2256858
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68500}
The current memory reservation approach for wasm memory tries to reserve
up to the maximum, and only reserves initial if the maximum reservation fails.
Add multiple retries with a smaller upper limit so that calls to grow
have a higher probability of succeeding.
Bug: v8:10519
Change-Id: Ice5b4c826ff993c9da7292e1b24a42a72306c098
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2259720
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68499}
Prototype f32x4.trunc on ARM for both ARM v7 and ARM v8. ARM v8 has
support for vrintz, and for ARM v7 we fall back to runtime.
Since ARM v8 uses vrintz, which is the same instruction used for F32
trunc (scalar), wasm-compiler reuses the Float32RoundTruncate check.
Bug: v8:10553
Change-Id: I65ddc36ccff21f8f0ff21a6e768184c084ffcfea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2256770
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68498}
This modernizes python code without breaking Py2 compat.
Ran with command:
futurize --stage1 -w tools/testrunner
Bug: v8:9871
Change-Id: Ie23333cbd923197be0bffcad5041056e00990042
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2252554
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68496}
Get value from type payload, check and show bitset name.
Change-Id: I6d0e0f30fca0b2aaddfd5f18abf948886552f2dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2258815
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#68495}
This is the only FLAG_minor_mc usage that is not guarded by
#ifdef ENABLE_MINOR_MC.
Change-Id: I54d447ede6a6ab4bbfb6ffbd7674e240d8cc1987
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2260878
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68494}
Both the .return and .throw methods are delegated to the underlying sync
iterator. These methods are retrieved using GetMethod [1], which checks
for either null or undefined instead of only undefined.
[1] https://tc39.es/ecma262/#sec-getmethod
Bug: v8:10395
Change-Id: Ide8db4270d48783da6fd1d45a5b01f2858e2828c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2258667
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68493}
This modernizes python code without breaking Py2 compat.
Ran with command:
futurize --stage1 -w tools/testrunner/testpro
Manual fixup to util_unittest to modify import paths and change to
absolute imports.
Bug: v8:9871
Change-Id: I2ac29622aff5daebc9dc42145c1d96dff8258546
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2252549
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68492}
Scalar lowering for i8x16, i16x8, i32x4 bitmask.
Depending on which lane we are lowering, we can shift the MSB into the
correct final bit position, then do a big OR of all the nodes.
Bug: v8:10308
Change-Id: Iddf6c077b5a8658a487cef59f2e3bbae3c8bd98d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2219327
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68491}
This modernizes python code without breaking Py2 compat.
Ran with command:
futurize --stage1 -w tools/testrunner
and manual fixup in statusfile_unittest.py to update the import
path and change to absolute imports (similar to pool_unittest.py)
Bug: v8:9871
Change-Id: I8851e2188ef9285f2bd57cc07e959e22e1b05f6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2252548
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68490}
After https://chromium-review.googlesource.com/c/v8/v8/+/2250254,
allocated_object_size in RO_SPACE is incorrect. This changes it to use
the accounting_stats_ value. This also fixes the Capacity() which was
previously uninitialized. Both are tested in new ReadOnlySpace allocation
tests in test-spaces.cc.
Couple of cleanups:
* area_size_ becomes const since its value is fixed after construction.
* Deletes incorrect comment in base-space.h
Bug: v8:10454
Change-Id: I9bbbc1ef2548722eee9dae1bb8d67448eccf8955
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2259937
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68489}
There is currently no API call that allows access to the id of the
script underlying a Module. As this function can only be used for
SourceTextModules, we also add IsSourceTextModule() and
IsSyntheticModule() to allow callers to distinguish them.
Bug: v8:10616
Change-Id: Ia55ea8e6993922b695019852e38ca54ffce32cbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2248199
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Alex Turner <alexmt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68487}
Currently, atomics operations are only allowed on shared memory and are
enabled on regular memory behind the --wasm-atomics-on-non-shared-memory
flag. Set the default value of this flag to true. This enables the
following behaviors:
- No validation failures when atomic opcodes are used on wasm memory
backed by ArrayBuffers
- memory.atomics.wait{32/64} operations will trap when wasm memory is
not shared
- memory.atomics.notify will always return 0 if wasm memory is not
shared.
Bug: v8:9921
Change-Id: I1feb8c3db428187ee192ea72277957bfde9ac4b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2258099
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68486}
along with a very basic test case.
Bug: v8:7748
Change-Id: I93d4b280922dd9eba8defc1a83ca08a2a957376a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2254023
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68485}
Due to recent spec changes, this CL removes the type immediate of
ref.is_null again. Instead we check if the type of the input parameter
is nullable.
R=jkummerow@chromium.org
Bug: v8:10556
Change-Id: If07d30fe4dd27664be7774422573b2ab2b0dfa20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2247654
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68484}
The interpreter is not used in production code any more, hence move it
from src/wasm to test/common/wasm.
It's still used in unit tests, cctests, and in fuzzers.
Because of this move, a few more methods had to be exported via
V8_EXPORT_PRIVATE.
R=ahaas@chromium.org, yangguo@chromium.org
Bug: v8:10389
Change-Id: If626b940a721146c596fd7df4faaea633e710272
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2257226
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68480}
Following up on previous changes for unary ops:
https://crrev.com/c/2246576
Bug: v8:8888
Change-Id: Ie4dd9a307fb0415e93babf412e3d8d9e86791761
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2257227
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68479}
This change enables automatic generation of Cast<> operators for
classes that are defined in Torque.
* Cast<> macros are generated for all classes that are defined in
Torque code that are neither shapes nor marked with a new
@doNotGenerateCast annotation.
* Implicitly generated Cast macros simply call through to an
internally-defined "DownCastForTorqueClass" macro that implements
the cast using one of three strategies for efficiency. If the class
has subclasses (i.e. a range of instance types including subtypes),
the DownCastForTorqueClass checks for inclusion in the instance type
range. If the class has a single instance type (i.e. no subclasses),
then either 1) a map check is used if the class has a globally-
defined map constant or 2) an equality check for the instance type
is used.
* Added new intrinsics to introspect class information, e.g. fetching
instance type ranges for a class, accessing the globally-defined map
for a class.
* Removed a whole pile of existing explicit Cast<> operators that are
no longer needed because of the implicitly generated Cast<> macros.
* Added tests for the new Cast<> implementations.
Bug: v8:7793
Change-Id: I3aadb0c62b720e9de4e7978b9ec4f05075771b8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2250239
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68478}
This extends the opcode macro lists to include both the long name
(e.g.: JSAdd) and short name (Add) to reduce duplication. The change
is only for JS operators for now but can be extended to others in the
future.
Drive-by: Base more predicates off the macro lists for robustness.
Bug: v8:8888
Change-Id: I10debdf86166dbe9dac63a6df57938820a8af8d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2255468
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68477}
Just a test for now to document how trailing space after async
functions is not removed by SourceRangeAstVisitor.
Bug: v8:10628
Change-Id: I40f0d911c59540ea835c807a2be5b0d1488291d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2259852
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68476}
Chrome may send memory measurement requests to multiple renderer
processes at the same time. This may lead to multiple GCs happening at
the same time if the processes are idle. Randomization spreads out
the GCs over time to reduce the load on the system.
Bug: chromium:1049093
Change-Id: I5aa67fb07f8a55d0ba769bf823168b35cb3c23cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2208861
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68472}